IT security news on the latest technology and the number one resource for your hardware and software needs.
Visit us at www.hyphenet.com

Monday, October 7, 2013

How to Spot Banking Cyber-Criminals in the Act

Banks are trustworthy financial institutions that we don’t think
twice about handing our money over to. This is why we have to be aware
of the banking thieves waiting for us to give up our personal
information, because many of these attacks seem very convincing.

Cybercriminals are good at swindling you into thinking they are
trustworthy companies just trying to help you out. Don’t be fooled,
there are ways to tell weather or not the emails and phone calls are
fake.

Hesperbot
a new Trojan that has been detected by ESET, uses high-tech mechanisms
to bypass the banking security systems. This is canny social
engineering trick for victims to fall for the scam.

Here are some tips to use when distinguishing between the behavior of a banking thief and the real institution:

http://www.hyphenet.com/blog/spot-banking-cyber-criminals/Never confirm anything through a text message
Banks will send you a text, informing you that your account has
changed. Do not believe this! Banks will not ask you to confirm
anything through a text message. Do not ever click on links or put in
passwords from a text message you may receive from a bank.

http://www.hyphenet.com/blog/spot-banking-cyber-criminals/Don’t believe any deadline threats
Banks will let you know if something is “urgent” with suspicion of
fraud pertaining to matters regarding your funds. Banks will not ever
send you a message threatening a deadline about your account shutting
down. Cybercriminals are always in a rush to get you to fall for their
scam. Their websites are often flagged or blocked pretty quickly so the
faster you respond to their “urgent” message, the better for them.

http://www.hyphenet.com/blog/spot-banking-cyber-criminals/Don’t trust links about a “new version” of your banking app
There are noted attempts of fraudulent instillation on your phone
with a new app for your banking system. The malicious apps are trying
to bypass security systems to get into your bank accounts. You can call
your bank to double check on the upgrade, or go to their website.
These apps are now being analyzed.

http://www.hyphenet.com/blog/spot-banking-cyber-criminals/Watch out for shortened URLs in an email
Cybercriminals can use shortened URLs to trick people into clicking
onto a fraudulent website. URL-shortening deceives users into clicking a
link without ever knowing where it will take you. You may have seen
shortened URLs from twitter and YouTube, but your bank will not use
them.

http://www.hyphenet.com/blog/spot-banking-cyber-criminals/
Don’t trust couriers to pick up your “faulty” bank card
Courier scams are starting to become a problem with bank fraud. The
“bank” will call you telling you a courier will arrive to collect a
faulty bank card. A courier then arrives at your home asking for your
bank card because it is “faulty” then proceed to give you a new bank
card that is safe to use. Do not fall for this. And don’t let them in
your house. If your card is indeed faulty, the bank will instruct you
to destroy it. Never hand your bank card over to anyone.

http://www.hyphenet.com/blog/spot-banking-cyber-criminals/Watch out for phone calls for you to “prove” your identity
A new scam is a phone call from either “the police” or “your bank”,
telling you they have found fraudulent transactions on your card. The
criminals will ask you to prove your identity by calling a real bank
number. The trick is, when you hang up the criminals are still on the
phone with a fake dial tone, then they ask you to enter your passwords
and you just gave your account into away.

http://www.hyphenet.com/blog/spot-banking-cyber-criminals/Don’t believe new email addresses
Be wise to receiving an email to your work email or any other address
letting you know they are contacting you this way because it is a work
day and they are more likely to get a hold of you. Banks will not add
another email address on their own. The email address you give them
should be the only one in their system.

http://www.hyphenet.com/blog/spot-banking-cyber-criminals/Check to make sure the web page is secure
If you are on a real banking website, there should be a symbol in
your browser’s address bar. This shows you it is secure with a lock
padlock or unbroken key symbol. If there is no symbol in the browser,
be wary, the page may not be real.

http://www.hyphenet.com/blog/spot-banking-cyber-criminals/Banks should always use your name
If you receive an email addressing you as “Dear Customer” or
“youremail@yahoo.com”, go no further. Banks will always use your name
and even include the last four of your social or account number. Any
emails addressed to anything friendly sounding but your name is often
spam.

http://www.hyphenet.com/blog/spot-banking-cyber-criminals/Don’t give up your personal information
When a bank gets a hold of you in suspicion of fraud, they will ask
you to verify personal information. Usually your phone pin number is
asked for you to use, not your debit card pin. Never give up any
personal information like your mother’s maiden name or the name of your
first pet. Scammers use this to hack into other accounts of yours.

You can find a list of detailed phishing scams from ESET here.Don’t miss out on the latest tech news and computer security alerts! Follow us on Twitter at @hyphenet, “Like” us on Facebook or add us to your circle on Google+References:
A scam-spotters guide: Ten things your bank will NEVER do – but cybercriminals will – We Live Securityhttp://www.welivesecurity.com/2013/09/12/a-scam-spotters-guide-ten-things-your-bank-will-never-do-but-cybercriminals-will/